Security News > 2020 > August > Using AI to fight hand-crafted Business Email Compromise
Business Email Compromise, is a form of targeted phishing where attackers disguise themselves as senior executives to dupe employees into doing something they absolutely shouldn't, like wire money.
BEC emails can be difficult to detect using security solutions because no malware is involved.
Detecting hand crafted BEC emails is even harder because each one is unique, and skilled attackers can be very good at mimicking the style and tone of their targets.
The tests were run using a dataset of over four million emails and meta data from a threat intelligence feed and the email system at Sophos.
The tests showed that the CATBERT model can detect malicious phishing and BEC emails with a high degree of accuracy while also being 30% smaller and twice as fast as the lightest existing model, DistilBERT. The 'Context-Aware' architecture that takes the content features from the email text and the contextual elements from header fields further improves the model's detection performance.